Arbitrary File Read Vulnerability in NSXMLParser in Apple iOS before 8

Arbitrary File Read Vulnerability in NSXMLParser in Apple iOS before 8

CVE-2014-4374 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

NSXMLParser in Foundation in Apple iOS before 8 allows attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Learn more about our Cis Benchmark Audit For Apple Ios.